ISO 27001 is part of the internationally recognised ISO/IEC 27000 series, an information security management system (ISMS) standard published by the International Organisation for Standardisation (ISO) in October 2005. ISO 27001 certification verifies that a company is managing both its own information and its customers’ information in accordance with best practice. The standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the company’s unique business risks and requirements. Once a company has identified all information assets, both its own and that of its customers, a risk assessment is carried out and the necessary security controls can be put in place.
Mark Hutchinson, Managing Director, Telindus UK & Ireland said: “With information security threats becoming increasingly commonplace and a number of information protection issues making the headlines, we felt that gaining ISO 27001 certification was essential for protecting our own information and maintain our customers’ confidence. Nowadays, data is exposed to numerous dangers, ranging from external attacks through the internet to internal loss or theft. The information we possess is invaluable to our business and achieving the accreditation has assured us that we our managing both our own data and our clients’ data in the best possible way.”